DCapBAC: embedding authorization logic into smart things through ECC optimizations

Hernández-Ramos, José L.; Jara, Antonio J.; Marín, Leandro; Gómez, Abraham Bernárdez

doi:10.1080/00207160.2014.915316

Cited by 110 publications

(68 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Also all these systems (with the exception of some recent capability-based proposals e.g. [12]) tend to be heavily centralised, which is not an ideal model for an IoT-enabled smart healthcare system.…”

Section: Background and Problem Statementmentioning

confidence: 99%

See 1 more Smart Citation

Fine-Grained Access Control for Smart Healthcare Systems in the Internet of Things

Pal¹,

Hitchens²,

Varadharajan³

et al. 2018

EAI Endorsed Transactions on Industrial Networks and Intelligen

View full text Add to dashboard Cite

There has been tremendous growth in the application of the Internet of Things (IoT) in our daily lives. Yet with this growth has come numerous security concerns and privacy challenges for both the users and the systems. Smart devices have many uses in a healthcare system, e.g. collecting and reporting patient data and controlling the administration of treatment. In this paper, we address the specific security issue of access control for smart healthcare systems and the protection of smart things from unauthorised access in such large scale systems. Commonly used access control approaches e.g. Role-Based Access Control (RBAC), AttributeBased Access Control (ABAC) and Capability-Based Access Control (CapBAC) do not, in isolation, provide a complete solution for securing access to IoT-enabled smart healthcare devices. They may, for example, require an overly-centralised solution or an unmanageably large policy base. We propose a novel access control architecture which improves policy management by reducing the required number of authentication policies in a large-scale healthcare system while providing fine-grained access control. The devised access control model employs attributes, roles and capabilities. We apply attributes for role membership assignment and in permission evaluation. Membership of roles grants capabilities. The capabilities which are issued may be parameterised based on attributes of the user and are then used to access specific services provided by things. We also provide a formal specification of the model and a description of its implementation and demonstrate its application through different use-case scenarios. The evaluation results of core functionality of our architecture are provided with the practical testbed experiments.

show abstract

Section: Background and Problem Statementmentioning

confidence: 99%

“…CapBAC approaches (e.g. [8], [12]) can be used to provide finegrained access control and have been suggested for use in IoT systems due to the low requirements they place on things. A capability can be defined as a communicable, unforgeable token of authority [10].…”

Section: Background and Problem Statementmentioning

confidence: 99%

Fine-Grained Access Control for Smart Healthcare Systems in the Internet of Things

Pal¹,

Hitchens²,

Varadharajan³

et al. 2018

EAI Endorsed Transactions on Industrial Networks and Intelligen

View full text Add to dashboard Cite

show abstract

“…The DCapBAC FC is a delegated authorization mechanism [10] that flexibly allows a client device or application to access to a resource at a server device. This FC is distributed between the devices (i.e., the server and the client) and the SMARITE platform that provides authorization decisions.…”

Section: Functional Components For User-centric Privacymentioning

confidence: 99%

An ARM-Compliant Architecture for User Privacy in Smart Cities: SMARTIE—Quality by Design in the IoT

Beltrán

Skarmeta

Ruíz

2017

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Much has been said about the benefits that the Internet of Things (IoT) will bring to citizens' life. Countless smart objects will be soon offering autonomous behavior in smart environments by sensing the physical world around us, collecting information about us, and taking proactive actions (many times without our consent) with the ultimate goal of improving our wellness. Without a strong guarantee on user privacy, the IoT may sound scary for many citizens. Indeed, the IoT-Architecture Reference Model (IoT-ARM) is a European effort for promoting IoT quality aspects such as security and privacy. This paper paves the way to the adoption of reference architectures by describing the application of the IoT-ARM within a European-funded project, SMARTIE. The SMARTIE architecture has been designed to empower citizens to take control of their IoT devices and privacy, while guaranteeing scalability for large deployments in smart cities.

show abstract

“…27 In order to establish the anonymity feature, the classical crypto-systems identity-based encryption (IBE) and ciphertext-policy attribute-based encryption (CP-ABE) are used. These systems apply public key-based mechanisms, which require very highperformance capabilities.…”

Section: Authentication and Access Controlmentioning

confidence: 99%

eDAAAS: Efficient distributed anonymous authentication and access in smart homes

Braeken

Porambage

Stojmenović

et al. 2016

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

The smart home field has witnessed rapid developments in recent years. Internet of Things applications for the smart home are very heterogeneous and continuously increasing in number, making user management from a security perspective very challenging. Moreover, the resource-constrained nature of most of the devices implies that any security mechanisms deployed should be lightweight and highly efficient. In this article, we propose an authentication scheme based on symmetric key cryptography, combined with a capability-based access control system, to provide the different stakeholders (residents, recurring guests, or temporary guests) end-to-end secure access to the Internet of Things devices in a smart home, managed by the home owner in an anonymous way. The operations in our scheme only include a small number of communication phases and protect the identities of the entities involved (i.e. stakeholders and endnodes) from any outside entity. The proposed scheme ensures that even if the stakeholder's device or the Internet of Things device is attacked, the system remains secure.

show abstract

DCapBAC: embedding authorization logic into smart things through ECC optimizations

Cited by 110 publications

References 23 publications

Fine-Grained Access Control for Smart Healthcare Systems in the Internet of Things

Fine-Grained Access Control for Smart Healthcare Systems in the Internet of Things

An ARM-Compliant Architecture for User Privacy in Smart Cities: SMARTIE—Quality by Design in the IoT

eDAAAS: Efficient distributed anonymous authentication and access in smart homes

Contact Info

Product

Resources

About